From cfc2a0e68863244e54417459aec13473d3286eb8 Mon Sep 17 00:00:00 2001
From: Florin Coras
Date: Wed, 8 Nov 2023 14:14:17 -0800
Subject: tls: avoid reads after tcp transport removed

Make sure underlying transport connection is not removed on rescheduled read event.
Type: fix
Signed-off-by: Florin Coras
Change-Id: I0137a2e43aa84d9442279e036c25771aeefd207f
---
 src/vnet/tls/tls.c | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)
(limited to 'src/vnet')
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index aca8c9f16a3..0fe4bb2de3c 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -507,21 +507,25 @@ tls_session_accept_callback (session_t * tls_session)
 }
 
 int
-tls_app_rx_callback (session_t * tls_session)
+tls_app_rx_callback (session_t *ts)
 {
 tls_ctx_t *ctx;
 
 /* DTLS session migrating, wait for next notification */
- if (PREDICT_FALSE (tls_session->flags & SESSION_F_IS_MIGRATING))
+ if (PREDICT_FALSE (ts->flags & SESSION_F_IS_MIGRATING))
 return 0;
 
- ctx = tls_ctx_get (tls_session->opaque);
+ /* Read rescheduled but underlying transport deleted now */
+ if (PREDICT_FALSE ((ts->session_state == SESSION_STATE_TRANSPORT_DELETED)))
+ return 0;
+
+ ctx = tls_ctx_get (ts->opaque);
 if (PREDICT_FALSE (ctx->no_app_session || ctx->app_closed))
 {
 TLS_DBG (1, "Local App closed");
 return 0;
 }
- tls_ctx_read (ctx, tls_session);
+ tls_ctx_read (ctx, ts);
 return 0;
 }
 
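Review bot: The new early return in tls_app_rx_callback is silent, and its condition carries a redundant pair of parentheses; `if (PREDICT_FALSE (ts->session_state == SESSION_STATE_TRANSPORT_DELETED))` would match the form of the migrating check directly above it. The comment records what happened but not why the lookup has to be skipped; assuming the failure being fixed is a stale access through `ts->opaque`, something like `/* Read rescheduled after transport delete: ctx behind ts->opaque may be gone, do not look it up */` would keep that reasoning next to the guard. The "Local App closed" branch below traces through TLS_DBG, so a matching trace on this path would make dropped rescheduled reads visible when debugging. The whole function body is inside the hunk.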
@@ -699,11 +703,21 @@ dtls_session_migrate_callback (session_t *us, session_handle_t new_sh)
 tls_ctx_free (ctx);
 }
 
+static void
+tls_session_transport_closed_callback (session_t *ts)
+{
+ tls_ctx_t *ctx;
+
+ ctx = tls_ctx_get_w_thread (ts->opaque, ts->thread_index);
+ session_transport_closed_notify (&ctx->connection);
+}
+
 static session_cb_vft_t tls_app_cb_vft = {
 .session_accept_callback = tls_session_accept_callback,
 .session_disconnect_callback = tls_session_disconnect_callback,
 .session_connected_callback = tls_session_connected_callback,
 .session_reset_callback = tls_session_reset_callback,
+ .session_transport_closed_callback = tls_session_transport_closed_callback,
 .half_open_cleanup_callback = tls_session_cleanup_ho,
 .add_segment_callback = tls_add_segment_callback,
 .del_segment_callback = tls_del_segment_callback,
-- 
cgit 1.2.3-korg
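Review bot: tls_session_transport_closed_callback dereferences the looked-up context and notifies the app-side connection unconditionally, whereas tls_app_rx_callback in the same file first checks `ctx->no_app_session || ctx->app_closed`. If a context can reach this callback without an app session, `session_transport_closed_notify (&ctx->connection)` would act on a connection that has no live session behind it. Consider guarding the call, e.g. `if (!ctx->no_app_session) session_transport_closed_notify (&ctx->connection);`, and confirm whether `app_closed` needs the same treatment. A short comment above the function saying that it forwards the transport-closed event from the underlying session to the TLS connection would also help. The vft initializer continues past the end of the hunk.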